SB2018120604 - Multiple vulnerabilities in Apple iOS

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018120604

SB2018120604 - Multiple vulnerabilities in Apple iOS

Published: December 6, 2018 Updated: January 11, 2019

Security Bulletin ID SB2018120604
Severity
High
Patch available
YES
Number of vulnerabilities 22
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 27% Low 73%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 22 secuirty vulnerabilities.


1) Type confusion (CVE-ID: CVE-2018-4303)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to type confusion in the Airport component. A local attacker can run a specially crafted application, trigger memory corruption and gain elevated privileges.


2) Memory corruption (CVE-ID: CVE-2018-4465)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error in the Disk Images component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


3) Memory corruption (CVE-ID: CVE-2018-4447)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error in the Kernel component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with kernel privileges.

Successful exploitation of the vulnerability may result in system compromise.


4) Memory corruption (CVE-ID: CVE-2018-4461)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error in the Kernel component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with kernel privileges.

Successful exploitation of the vulnerability may result in system compromise.


5) Information disclosure (CVE-ID: CVE-2018-4430)

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an error in the FaceTime component. A local attacker can trigger a state management error and access to contacts on a locked device.


6) Information disclosure (CVE-ID: CVE-2018-4446)

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an error in the File Provider component. A local attacker can run a specially crafted application and learn information about the presence of other applications on the device.


7) Denial of service (CVE-ID: CVE-2018-4460)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the Kernel component. A local attacker can conduct DoS attack and cause the device to crash.


8) Information disclosure (CVE-ID: CVE-2018-4431)

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to a boundary error in the Kernel component. A local attacker can trigger memory corruption and read kernel memory.


9) Privilege escalation (CVE-ID: CVE-2018-4435)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to a logic issue in the Kernel component. A local attacker can run a specially crafted application and gain elevated privileges.


10) Spoofing attack (CVE-ID: CVE-2018-4429)

The vulnerability allows a remote attacker to conduct spoofing attack on the target system.

The weakness exists due to insufficient validation of user-supplied input in the LinkPresentation component. A remote attacker can send a specially crafted mail message and spoof UI.


11) Spoofing attack (CVE-ID: CVE-2018-4439)

The vulnerability allows a remote attacker to conduct spoofing attack on the target system.

The weakness exists due to insufficient validation of user-supplied input in the Safari component. A remote attacker can send a specially crafted mail message and spoof UI.


12) Security restrictions bypass (CVE-ID: CVE-2018-4436)

The vulnerability allows a local attacker to bypass security restrictions on the target system.

The weakness exists due insufficient validation of certificates in the Profiles component. A local attacker can bypass security restrictions and cause an untrusted configuration profile to be incorrectly displayed as verified.


13) Spoofing attack (CVE-ID: CVE-2018-4440)

The vulnerability allows a remote attacker to conduct spoofing attack on the target system.

The weakness exists due to insufficient validation of user-supplied input in the Safari component. A remote attacker can trick the victim into visiting a specially crafted website, trigger state management error and spoof address bar.


14) Security restrictions bypass (CVE-ID: CVE-2018-4445)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists in the Safari component due "Clear History and Website Data" did not clear the history. A remote attacker can bypass security restrictions and prevent fully deletion of browsing history.


15) Memory corruption (CVE-ID: CVE-2018-4441)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Webkit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


16) Memory corruption (CVE-ID: CVE-2018-4442)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Webkit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


17) Memory corruption (CVE-ID: CVE-2018-4443)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Webkit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


18) Memory corruption (CVE-ID: CVE-2018-4438)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Webkit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger state management error and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


19) Memory corruption (CVE-ID: CVE-2018-4437)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Webkit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


20) Memory corruption (CVE-ID: CVE-2018-4464)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Webkit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


21) Memory corruption (CVE-ID: CVE-2018-4421)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to a boundary error in the Intel Graphics Driver component. A local attacker can run a specially crafted application and execute arbitrary code with kernel privileges.


22) Memory corruption (CVE-ID: CVE-2018-4456)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to a boundary error in the Intel Graphics Driver component. A local attacker can run a specially crafted application and execute arbitrary code with kernel privileges.


Remediation

Install update from vendor's website.

References